Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
File:                     02QfqO0c_D2qI6qvjDp2_oftW6s.mft (raw, json)
Hash identifier:          oHsRq3YUixzHVjfigXajPZ22fuybg/Cs/qhpLBvq9jw=
Subject key identifier:   81:AF:EE:0C:38:73:13:4C:84:CB:50:BB:62:D0:B1:45:18:C7:04:37
Authority key identifier: D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB
Certificate issuer:       /CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
Certificate serial:       0197B77CC24296665F55F9E8A5F5689F31FC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
Manifest number:          0C84
Signing time:             Sat 28 Jun 2025 17:01:36 +0000
Manifest this update:     Sat 28 Jun 2025 17:01:36 +0000
Manifest next update:     Sun 29 Jun 2025 17:01:36 +0000
Files and hashes:         1: 02QfqO0c_D2qI6qvjDp2_oftW6s.crl (hash: L5WbUw1PcQ3/G2rzjPvJwm476H9xi4Fjtc+byl5bACQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Jun 2025 10:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:b7:7c:c2:42:96:66:5f:55:f9:e8:a5:f5:68:9f:31:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d3641fa8ed1cfc3daa23aaaf8c3a76fe87ed5bab
        Validity
            Not Before: Jun 28 17:01:36 2025 GMT
            Not After : Jun 29 17:01:36 2025 GMT
        Subject: CN=81afee0c3873134c84cb50bb62d0b14518c70437
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:eb:a9:d3:47:5f:c2:81:50:a2:b7:1e:b7:0a:
                    8e:c0:ca:f5:b0:fa:8f:7f:a3:62:10:d9:4c:82:b4:
                    33:14:f3:95:9e:b8:be:03:c3:47:9c:89:11:b8:9f:
                    60:3d:ec:1e:84:39:f2:a2:e2:19:26:ae:14:f0:c0:
                    f3:e4:4b:49:88:27:95:1c:61:ea:6e:9a:01:a0:3a:
                    b2:2e:d7:52:4d:4c:d8:65:e1:97:b8:11:09:77:3a:
                    5a:0d:5d:94:be:11:0e:62:96:26:88:13:40:7d:c4:
                    fa:1d:fb:d3:95:71:32:74:e8:9b:37:35:23:07:90:
                    39:61:94:1b:97:e3:99:1b:bb:81:1e:7b:9d:c4:16:
                    35:b3:4d:5e:c0:5e:9d:9c:0e:d9:88:8c:aa:59:81:
                    a9:5c:14:b5:cd:59:e1:a7:f1:1a:b0:6c:c7:57:32:
                    28:cf:9c:a5:be:8d:9b:f1:16:36:3b:63:9b:f4:2e:
                    3b:2b:bc:46:11:ae:4e:85:70:4f:c7:a7:aa:cd:89:
                    69:f4:5f:69:a5:f5:ca:f5:71:52:a8:04:c3:1f:02:
                    1e:e2:73:ec:6b:cc:6a:8f:76:be:a8:93:c2:5c:e7:
                    0f:84:b8:95:04:67:a2:7b:08:21:20:5c:e5:05:7a:
                    2d:a1:98:bf:32:29:db:90:5b:c7:82:1b:e6:06:60:
                    38:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:AF:EE:0C:38:73:13:4C:84:CB:50:BB:62:D0:B1:45:18:C7:04:37
            X509v3 Authority Key Identifier:
                keyid:D3:64:1F:A8:ED:1C:FC:3D:AA:23:AA:AF:8C:3A:76:FE:87:ED:5B:AB

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02QfqO0c_D2qI6qvjDp2_oftW6s.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d109-8b06-4ddd-bc20-9941992c9c24/1/02QfqO0c_D2qI6qvjDp2_oftW6s.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         54:2b:e1:9a:85:64:ff:5f:59:b7:9e:9a:b4:55:1f:36:4c:81:
         ba:62:07:b5:60:7f:77:1a:81:e3:ad:67:45:f2:91:a4:fd:57:
         71:00:b6:9f:9f:3f:40:e6:d1:56:5e:24:69:9a:a0:1b:35:cc:
         92:29:c9:fd:6e:49:ef:eb:76:e6:6b:f5:50:4c:b9:99:95:cb:
         7d:4a:9b:c4:76:0a:ac:b0:3d:8d:fd:8a:54:ab:78:4f:00:94:
         ec:03:82:d5:4a:10:4e:2f:ea:eb:5f:94:fe:86:21:32:07:c9:
         2d:e6:3d:00:f7:13:92:bc:71:60:11:4c:42:f6:30:2d:30:17:
         49:58:a8:45:61:26:50:02:0a:0d:9c:52:49:fa:0c:8e:45:f5:
         02:c5:b0:a7:43:d7:72:ee:1b:5a:0f:50:e4:38:d7:f3:cd:0d:
         08:fb:5d:95:b3:ee:84:e4:af:6d:cb:6f:b2:27:92:8c:2c:03:
         7b:db:bf:fc:46:8f:1d:10:42:e0:19:d2:0c:97:a3:96:9d:cd:
         88:da:9b:6a:ef:7d:0e:c1:59:01:24:b6:c0:55:2d:e7:63:ba:
         45:56:3d:bb:fa:b6:dc:b0:26:ea:0b:52:2d:0f:c5:8c:bb:cb:
         e6:70:b6:2f:c4:28:30:31:3c:08:3d:29:b5:ec:6f:1f:57:a9:
         17:59:37:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3fMJClmZfVfnopfVonzH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjQxZmE4ZWQxY2ZjM2RhYTIzYWFhZjhjM2E3NmZlODdl
ZDViYWIwHhcNMjUwNjI4MTcwMTM2WhcNMjUwNjI5MTcwMTM2WjAzMTEwLwYDVQQD
Eyg4MWFmZWUwYzM4NzMxMzRjODRjYjUwYmI2MmQwYjE0NTE4YzcwNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeup00dfwoFQorcetwqOwMr1sPqP
f6NiENlMgrQzFPOVnri+A8NHnIkRuJ9gPewehDnyouIZJq4U8MDz5EtJiCeVHGHq
bpoBoDqyLtdSTUzYZeGXuBEJdzpaDV2UvhEOYpYmiBNAfcT6HfvTlXEydOibNzUj
B5A5YZQbl+OZG7uBHnudxBY1s01ewF6dnA7ZiIyqWYGpXBS1zVnhp/EasGzHVzIo
z5ylvo2b8RY2O2Ob9C47K7xGEa5OhXBPx6eqzYlp9F9ppfXK9XFSqATDHwIe4nPs
a8xqj3a+qJPCXOcPhLiVBGeiewghIFzlBXotoZi/MinbkFvHghvmBmA4WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGv7gw4cxNMhMtQu2LQsUUYxwQ3MB8GA1UdIwQY
MBaAFNNkH6jtHPw9qiOqr4w6dv6H7VurMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAt
OTk0MTk5MmM5YzI0LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQxMDktOGIwNi00ZGRkLWJjMjAtOTk0MTk5MmM5YzI0
LzEvMDJRZnFPMGNfRDJxSTZxdmpEcDJfb2Z0VzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVCvhmoVk
/19Zt56atFUfNkyBumIHtWB/dxqB461nRfKRpP1XcQC2n58/QObRVl4kaZqgGzXM
kinJ/W5J7+t25mv1UEy5mZXLfUqbxHYKrLA9jf2KVKt4TwCU7AOC1UoQTi/q61+U
/oYhMgfJLeY9APcTkrxxYBFMQvYwLTAXSVioRWEmUAIKDZxSSfoMjkX1AsWwp0PX
cu4bWg9Q5DjX880NCPtdlbPuhOSvbctvsieSjCwDe9u//EaPHRBC4BnSDJejlp3N
iNqbau99DsFZASS2wFUt52O6RVY9u/q23LAm6gtSLQ/FjLvL5nC2L8QoMDE8CD0p
texvH1epF1k3gQ==
-----END CERTIFICATE-----